Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/HES9ErylY_R7_q4GRqCUI6UgncQ.roa
File: HES9ErylY_R7_q4GRqCUI6UgncQ.roa (raw, json)
Hash identifier: RGmjYlG//3Z5FNfT2YRV/uOino1Ni6hGvfyazdb7enY=
Subject key identifier: 1C:44:BD:12:BC:A5:63:F4:7B:FE:AE:06:46:A0:94:23:A5:20:9D:C4
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018DCE00149CACF8280380392014443F265D
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/HES9ErylY_R7_q4GRqCUI6UgncQ.roa
Signing time: Wed 21 Feb 2024 23:28:48 +0000
ROA not before: Wed 21 Feb 2024 23:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 185.91.127.0/24 maxlen: 24
2a12:de40::/29 maxlen: 29
2a12:de40::/32 maxlen: 32
2a12:de40:42::/48 maxlen: 48
2a12:de44::/32 maxlen: 32
2a12:de45::/32 maxlen: 32
2a12:de46::/32 maxlen: 32
2a12:de47::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 May 2024 17:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ce:00:14:9c:ac:f8:28:03:80:39:20:14:44:3f:26:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Feb 21 23:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c44bd12bca563f47bfeae0646a09423a5209dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:76:04:ac:c0:16:7b:95:b7:22:ac:a3:d4:
76:97:76:83:c1:d3:76:6e:ea:3f:19:55:21:56:c8:
45:3f:6c:26:8d:9e:ad:d1:a6:bd:8e:06:57:57:98:
7a:86:62:d8:d5:ef:d4:f4:ba:cc:a3:a7:45:9f:48:
10:21:4c:54:f0:49:98:b4:0b:bb:66:16:2d:2e:d2:
02:66:4d:b8:4a:44:6d:ae:a3:3b:a2:d2:3a:57:b4:
34:ca:6d:f2:dd:14:62:cd:bd:13:45:40:b8:84:21:
7a:1c:85:a4:25:8c:1f:44:9f:49:9c:6c:8f:b6:fb:
6d:ef:d3:77:3f:0c:d1:dd:e4:49:eb:c3:36:51:1d:
06:a3:3b:b4:16:99:a1:a7:48:aa:17:65:0c:98:76:
0e:db:2f:5a:93:ee:9e:42:a2:84:20:91:d6:25:bc:
7a:03:26:ad:a8:8d:a6:cc:b7:12:3e:9d:a2:77:98:
88:1f:f3:f5:48:c6:77:99:b3:55:9c:45:be:34:3e:
b5:3e:bd:3a:fc:6e:8f:f4:77:37:88:9c:39:98:b7:
4b:50:2c:76:88:35:b7:66:82:03:1c:65:f5:4f:61:
04:e8:0c:78:53:4e:4b:c1:dc:58:db:ea:76:e4:f4:
fb:d7:aa:ee:23:a2:22:43:ea:e1:94:42:96:84:43:
a2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:44:BD:12:BC:A5:63:F4:7B:FE:AE:06:46:A0:94:23:A5:20:9D:C4
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/HES9ErylY_R7_q4GRqCUI6UgncQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.127.0/24
IPv6:
2a12:de40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:b1:fa:d1:e6:97:f1:1b:ad:3b:2d:9b:e1:2e:34:99:89:76:
ce:9a:a9:75:ff:65:4f:7e:bd:9c:69:59:0a:05:2d:98:ce:5f:
d8:1f:ed:ed:2c:85:f2:c8:7b:dc:3d:ad:63:f0:65:24:5b:6c:
62:e5:de:76:99:c2:d2:e5:29:cf:4e:da:83:c5:5e:6e:b2:2a:
23:07:91:1a:77:57:86:42:95:58:d7:f2:5d:6a:32:19:71:4e:
03:ad:5d:58:64:72:0d:7f:bc:65:97:93:e5:76:a4:b0:08:1d:
1b:1b:50:fa:67:44:bd:42:f0:0d:50:b4:a5:15:c3:c0:01:ec:
fa:f7:54:46:de:ea:48:89:49:2d:d6:11:b9:12:ad:4b:25:59:
ca:05:bc:7a:c4:44:0f:51:b3:3d:d1:fb:0f:0a:e2:5a:f3:72:
2a:0d:96:6a:e8:59:28:d0:09:16:86:bf:c9:4d:d5:84:a4:3b:
f4:45:60:91:06:42:3b:87:fe:14:0d:4d:c3:31:c0:41:15:54:
aa:68:6b:1b:72:41:1b:47:7a:80:20:29:70:0d:11:ff:58:7d:
a0:0f:15:24:bc:b3:47:67:77:ad:f1:53:60:fb:50:15:49:e6:
5e:e3:7e:0e:19:55:1a:bb:dc:76:fe:49:1e:c8:fd:a5:e9:3a:
17:27:3a:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3OABScrPgoA4A5IBREPyZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjQwMjIxMjMyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQ0YmQxMmJjYTU2M2Y0N2JmZWFlMDY0NmEwOTQyM2E1MjA5ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJV2BKzAFnuVtyKso9R2l3aDwdN2
buo/GVUhVshFP2wmjZ6t0aa9jgZXV5h6hmLY1e/U9LrMo6dFn0gQIUxU8EmYtAu7
ZhYtLtICZk24SkRtrqM7otI6V7Q0ym3y3RRizb0TRUC4hCF6HIWkJYwfRJ9JnGyP
tvtt79N3PwzR3eRJ68M2UR0Gozu0Fpmhp0iqF2UMmHYO2y9ak+6eQqKEIJHWJbx6
AyatqI2mzLcSPp2id5iIH/P1SMZ3mbNVnEW+ND61Pr06/G6P9Hc3iJw5mLdLUCx2
iDW3ZoIDHGX1T2EE6Ax4U05LwdxY2+p25PT716ruI6IiQ+rhlEKWhEOi+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBxEvRK8pWP0e/6uBkaglCOlIJ3EMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvSEVTOUVyeWxZX1I3X3E0R1JxQ1VJNlVnbmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVt/MA0E
AgACMAcDBQMqEt5AMA0GCSqGSIb3DQEBCwUAA4IBAQB/sfrR5pfxG607LZvhLjSZ
iXbOmql1/2VPfr2caVkKBS2Yzl/YH+3tLIXyyHvcPa1j8GUkW2xi5d52mcLS5SnP
TtqDxV5usiojB5Ead1eGQpVY1/JdajIZcU4DrV1YZHINf7xll5PldqSwCB0bG1D6
Z0S9QvANULSlFcPAAez691RG3upIiUkt1hG5Eq1LJVnKBbx6xEQPUbM90fsPCuJa
83IqDZZq6Fko0AkWhr/JTdWEpDv0RWCRBkI7h/4UDU3DMcBBFVSqaGsbckEbR3qA
IClwDRH/WH2gDxUkvLNHZ3et8VNg+1AVSeZe434OGVUau9x2/kkeyP2l6ToXJzoI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org